You Only Get Fraud When You Start Looking for It

One of the most shocking pieces of news I’ve heard in recent weeks came from the law courts of Mexico, where Roku sales were banned in-country because pirates, hackers, fraudsters, soldiers of fortune, or whatever you want to call them, keep hacking the devices.

Cable provider Cablevisión, owned by media conglomerate Grupo Televisa, sued Roku to stop sales of their devices (pictured above) in Mexico, alleging that pirates were using them to illegally sell streaming access to TV channels distributed by Televisa. Last week, a judge ruled against Roku, which allowed the government to block sales of the devices throughout the country. Roku won a temporary stay of the order, but it was reversed a few days later by a court tribunal in Mexico City.

For those not familiar with Roku, it is one of the many streaming devices that can be transformed into ‘Kodi boxes’. They offer the ability to stream video from the likes of Netflix, Amazon, Hulu, HBO, Sling TV and other online services. Its price starts at about $30. (For those that want to know more about it, I’m going to put the link here to compensate for the sales lost in the Mexican market.)

On top of Roku’s streaming capabilities, the device also delivers an ecosystem of apps that makes content available to its users. Along with a subscription to Roku’s App Ecosystem comes the ability to access illegal streaming channels. The dark side of today’s app ecosystem is that this is a place where pirated content happily coexists with some of the biggest media content providers in the industry.

To access these illegal streaming apps, such as Popcorn Time or TorrenTV , users simply drag and drop a link to immediately start streaming a movie or TV show on their Mac, Windows PC, or Android box. But instead of just playing movies on a computer, these apps can now also be installed directly onto a television via a Roku device or, until recently, even an Apple TV.

Now I can finally address the main point of this article: Sorry guys, but forbidding Roku’s sales is not the way to stop illegal digital streaming and downloads. At its source, this is fraud, and by penalizing Roku, you are just shooting the (condescending) messenger. Of course, Roku could have forbidden these apps to run on their devices in the first place, but these digital pirates would certainly have come up with alternatives, given all the other streaming devices on the market. Not sure? Just have a look at this list of Kodi boxes available on Amazon.

This isn’t a problem limited to Mexico. Digital content piracy is escalating globally. Sandvine recently issued a report that showed that 6 percent of North American households have at least one device in their home that is configured to access unlicensed live and on demand video content using Kodi. Additionally, a recent BBC study revealed that a third of British fans of the Premier League say they watch illegal streams of matches.

When you look at the CFCA’s fraud reports, there is no mention of digital streaming and download fraud. The reason why is because until very recently, these fraud types were seen by communication service providers as a necessary evil that allowed them to address a certain customer segment. It was a trade-off for selling more bandwidth to heavy users of downloads/streaming. Creating bundles for this market was even considered part of their marketing strategy to help combat customer churn and increase ARPU.

The CFCA’s 2015 Global Fraud Loss Survey reports that $38.1 Billion USD is lost to communications fraud every year, but this only covers common fraud issues that have existed for decades. With all the new fraud types, techniques and methods that have popped up in recent years, these industry numbers are really just the tip of the iceberg.

Fraud numbers reported are just the top part of an iceberg, or as we call it, the “known knowns”. I often joke about this issue by saying:

No one has fraud until they deploy a fraud management system.

In other words, the more effective the system is, and the deeper it goes in searching for fraud, the more fraud you will find.

As telco companies unleash technology and media as part of their TMT digital transformation, there is no longer any justification for simply analyzing call detail records and calling that a fraud management strategy. Service providers need to understand the value of digital content. Verizon’s $4.5bn recent acquisition of Yahoo is an example of how the industry is shifting and why telco companies need to start protecting their digital assets from fraudsters. Digital disruption is reshaping the landscape of the cable-television industry on an almost daily basis, with yesterday’s competitors suddenly becoming partners, and new entrants looking more and more like power players.

Carlos Marques
Carlos Marques
Carlos is a Vice President at Mobileum, a leading provider of telecom analytics solutions for roaming, core network, security, risk management, domestic and international connectivity testing, and customer intelligence. He is responsible for product marketing for Mobileum's risk management products.

4 Comments on "You Only Get Fraud When You Start Looking for It"

  1. Avatar Ken Dickenson | 14 Aug 2017 at 9:24 am |

    The only way we can attach this type of fraud effectively in my opinion is to use deep packet inspection and connect the device to the fraud management system. One of the stumbling blocks in using this technique is that it can be argued by authorities that this gives user the ability to listen in to customer calls. Up until now fraud systems have relied largely on billing data to assess fraudulent transactions with deep packet inspection monitoring will have to be restricted to headers and trailers and only where these are ambiguous will it be necessary to dig further into the message as it may be that fraudsters start packing messages inside each other to disguise the content.

    • Hi Ken, I think you are right. Routine use of DPI has many downsides; it means authorizing routine snooping on private communications in order to deal with a criminal issue. There’s an irony in the fact that national governments are so apathetic about chasing and punishing fraudsters if the victims are overseas, but may end up condoning widespread corporate surveillance of their own citizens in order to tackle those frauds.

  2. Avatar Sreenadh Ambarkhana | 21 Aug 2017 at 8:42 am |

    The ‘traditional FM Systems’ are no more than credit monitoring tools. I see no fraud being detected out of them. The current frauds require more than one data source and just credit monitoring. Fraud monitoring is a complex process and not mere psuedo rating, it involves more than one angle to take to a logical conclusion. You understand the impact of fraud, only when you start looking for it…

    • Avatar akrittok | 25 Aug 2017 at 5:17 pm |

      I hate to be on the vendor’s side since they certainly have their faults, but what you said above tells me either that you were either sold a really crappy FMS (although you say “them” so I guess you were sold several crappy FMS…?), or you don’t know how to use one. Or the implementation was crappy. Since you mention 1 single data source as if it’s something common. Or the requirements.
      And actually, as credit monitoring, the FMS are one of the worst systems to use. They do a really bad job at credit monitoring. That’s why these vendors also offer….credit monitoring systems.

Comments are closed.